From: Doug MacEachern <dougm@apache.org>
Date: Thu, 28 Feb 2002 04:59:07 +0000 (+0000)
Subject: plug leak in ssl_init_FindCAList() where return value of
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3cc8feda5489d61d11745fd0475a118426d76c9c;p=thirdparty%2Fapache%2Fhttpd.git

plug leak in ssl_init_FindCAList() where return value of
X509_NAME_oneline() used for trace logging was not freed.
now passes in a static buffer so no buffer is malloced.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93633 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/ssl_engine_init.c b/ssl_engine_init.c
index c7262546332..4107a891e63 100644
--- a/ssl_engine_init.c
+++ b/ssl_engine_init.c
@@ -856,11 +856,12 @@ static void ssl_init_PushCAList(STACK_OF(X509_NAME) *skCAList,
     sk = (STACK_OF(X509_NAME) *)SSL_load_client_CA_file(file);
 
     for (n = 0; sk != NULL && n < sk_X509_NAME_num(sk); n++) {
+        char name_buf[256];
         X509_NAME *name = sk_X509_NAME_value(sk, n);
 
         ssl_log(s, SSL_LOG_TRACE,
                 "CA certificate: %s",
-                X509_NAME_oneline(name, NULL, 0));
+                X509_NAME_oneline(name, name_buf, sizeof(name_buf)));
 
         if (sk_X509_NAME_find(skCAList, name) < 0) {
             /* this will be freed when skCAList is */